By: vinay tangella user 28 May 2019 at 2:43 p.m. CDT

21 Responses
vinay tangella gravatar
We installed oxd https server did all required configurations and udpgraded the oxdpython libraries which are in python2.7 to 3. But when we try to do a setup-client, we are running in to a ton of issues. We have been trying to read docs and understand but it is not taking us anywhere. Can you please look into this and help us.

By William Lowe staff 28 May 2019 at 2:47 p.m. CDT

William Lowe gravatar
How are we supposed to help without any specific information? Where are the logs? Where are the steps to reproduce?

By vinay tangella user 28 May 2019 at 2:56 p.m. CDT

vinay tangella gravatar
Thanks for the response william am not sure what you need so did not attach anything to the ticket. Steps to reproduce: 1. Set up Https oxd server 2. Try to setup client before getting authorization_redirect_uri 3. In setup_client - we are seeing an issue - which says connection timed out. def request(self, command, **kwargs): """Function that builds the request and returns the response Parameters: * **command (str):** The command that has to be sent to the oxd-server * ** **kwargs:** The parameters that should accompany the request Returns: **dict:** the returned response from oxd-server as a dictionary """ url = self.base + command.replace("_", "-") req = urllib.request.Request(url, json.dumps(kwargs)) req.add_header("User-Agent", "oxdpython/%s" % __version__) req.add_header("Content-type", "application/json; charset=UTF-8") The above file is from oxdpython library we are faciing issue at line req = urllib.request.Request(url, json.dumps(kwargs)) The ur is building as https://localhost/setup-client we assume this is causing the issue. oxd-https.yaml oxdHost: localhost oxdPort: 8099 server: applicationConnectors: - type: https port: 8443 keyStorePath: oxd-https.keystore keyStorePassword: example validateCerts: false adminConnectors: - type: https port: 8444 keyStorePath: oxd-https.keystore keyStorePassword: example validateCerts: false # Logging settings. logging: # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. level: INFO # Logger-specific levels. loggers: org.gluu.oxd: DEBUG org.xdi.oxd: DEBUG # Logback's Time Based Rolling Policy - archivedLogFilenamePattern: /tmp/application-%d{yyyy-MM-dd}.log.gz # Logback's Size and Time Based Rolling Policy - archivedLogFilenamePattern: /tmp/application-%d{yyyy-MM-dd}-%i.log.gz # Logback's Fixed Window Rolling Policy - archivedLogFilenamePattern: /tmp/application-%i.log.gz appenders: - type: console - type: file threshold: INFO logFormat: "%-6level [%d{HH:mm:ss.SSS}] [%t] %logger{5} - %X{code} %msg %n" currentLogFilename: /tmp/oxd-https.log archivedLogFilenamePattern: /tmp/oxd-https-%d{yyyy-MM-dd}-%i.log.gz archivedFileCount: 7 timeZone: UTC maxFileSize: 10MB logs- INFO [10:03:36.992] [main] o.e.j.u.log - Logging initialized @2455ms INFO [10:03:37.232] [main] i.d.s.ServerFactory - Starting OxdHttpsApplication INFO [10:03:37.269] [main] i.d.s.DefaultServerFactory - Registering jersey handler with root path prefix: / INFO [10:03:37.300] [main] i.d.s.DefaultServerFactory - Registering admin handler with root path prefix: / INFO [10:03:38.693] [main] i.d.j.HttpsConnectorFactory - Supported protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2] INFO [10:03:38.693] [main] i.d.j.HttpsConnectorFactory - Supported cipher suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] INFO [10:03:38.755] [main] o.e.j.s.SetUIDListener - Opened application@6865c751{SSL-HTTP/1.1}{0.0.0.0:8443} INFO [10:03:38.758] [main] o.e.j.s.SetUIDListener - Opened admin@62679465{SSL-HTTP/1.1}{0.0.0.0:8444} INFO [10:03:38.766] [main] o.e.j.s.Server - jetty-9.2.z-SNAPSHOT INFO [10:03:40.615] [main] i.d.j.DropwizardResourceConfig - The following paths were found for the configured resources: POST /get-access-token-by-refresh-token (org.gluu.oxd.RestResource) POST /get-authorization-url (org.gluu.oxd.RestResource) POST /get-client-token (org.gluu.oxd.RestResource) POST /get-logout-uri (org.gluu.oxd.RestResource) POST /get-tokens-by-code (org.gluu.oxd.RestResource) POST /get-user-info (org.gluu.oxd.RestResource) GET /health-check (org.gluu.oxd.RestResource) POST /introspect-access-token (org.gluu.oxd.RestResource) POST /introspect-rpt (org.gluu.oxd.RestResource) POST /register-site (org.gluu.oxd.RestResource) POST /remove-site (org.gluu.oxd.RestResource) POST /setup-client (org.gluu.oxd.RestResource) POST /uma-rp-get-claims-gathering-url (org.gluu.oxd.RestResource) POST /uma-rp-get-rpt (org.gluu.oxd.RestResource) POST /uma-rs-check-access (org.gluu.oxd.RestResource) POST /uma-rs-protect (org.gluu.oxd.RestResource) POST /update-site (org.gluu.oxd.RestResource) INFO [10:03:40.625] [main] o.e.j.s.h.ContextHandler - Started i.d.j.MutableServletContextHandler@75308740{/,null,AVAILABLE} INFO [10:03:40.640] [main] i.d.s.AdminEnvironment - tasks = POST /tasks/log-level (io.dropwizard.servlets.tasks.LogConfigurationTask) POST /tasks/gc (io.dropwizard.servlets.tasks.GarbageCollectionTask) INFO [10:03:40.648] [main] o.e.j.s.h.ContextHandler - Started i.d.j.MutableServletContextHandler@7026b7ee{/,null,AVAILABLE} INFO [10:03:40.693] [main] o.e.j.s.ServerConnector - Started application@6865c751{SSL-HTTP/1.1}{0.0.0.0:8443} INFO [10:03:40.711] [main] o.e.j.s.ServerConnector - Started admin@62679465{SSL-HTTP/1.1}{0.0.0.0:8444} INFO [10:03:40.711] [main] o.e.j.s.Server - Started @6176ms INFO [10:35:14.457] [Thread-12] o.e.j.s.ServerConnector - Stopped application@6865c751{SSL-HTTP/1.1}{0.0.0.0:8443} INFO [10:35:14.482] [Thread-12] o.e.j.s.ServerConnector - Stopped admin@62679465{SSL-HTTP/1.1}{0.0.0.0:8444} INFO [10:35:14.486] [Thread-12] o.e.j.s.h.ContextHandler - Stopped i.d.j.MutableServletContextHandler@7026b7ee{/,null,UNAVAILABLE} INFO [10:35:14.518] [Thread-12] o.e.j.s.h.ContextHandler - Stopped i.d.j.MutableServletContextHandler@75308740{/,null,UNAVAILABLE} INFO [10:35:20.884] [main] o.e.j.u.log - Logging initialized @3041ms INFO [10:35:21.074] [main] i.d.s.ServerFactory - Starting OxdHttpsApplication INFO [10:35:21.092] [main] i.d.s.DefaultServerFactory - Registering jersey handler with root path prefix: / INFO [10:35:21.136] [main] i.d.s.DefaultServerFactory - Registering admin handler with root path prefix: / INFO [10:35:24.045] [main] i.d.j.HttpsConnectorFactory - Supported protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2] INFO [10:35:24.047] [main] i.d.j.HttpsConnectorFactory - Supported cipher suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] INFO [10:35:24.140] [main] o.e.j.s.SetUIDListener - Opened application@6865c751{SSL-HTTP/1.1}{0.0.0.0:8443} INFO [10:35:24.143] [main] o.e.j.s.SetUIDListener - Opened admin@62679465{SSL-HTTP/1.1}{0.0.0.0:8444} INFO [10:35:24.154] [main] o.e.j.s.Server - jetty-9.2.z-SNAPSHOT INFO [10:35:27.194] [main] i.d.j.DropwizardResourceConfig - The following paths were found for the configured resources: POST /get-access-token-by-refresh-token (org.gluu.oxd.RestResource) POST /get-authorization-url (org.gluu.oxd.RestResource) POST /get-client-token (org.gluu.oxd.RestResource) POST /get-logout-uri (org.gluu.oxd.RestResource) POST /get-tokens-by-code (org.gluu.oxd.RestResource) POST /get-user-info (org.gluu.oxd.RestResource) GET /health-check (org.gluu.oxd.RestResource) POST /introspect-access-token (org.gluu.oxd.RestResource) POST /introspect-rpt (org.gluu.oxd.RestResource) POST /register-site (org.gluu.oxd.RestResource) POST /remove-site (org.gluu.oxd.RestResource) POST /setup-client (org.gluu.oxd.RestResource) POST /uma-rp-get-claims-gathering-url (org.gluu.oxd.RestResource) POST /uma-rp-get-rpt (org.gluu.oxd.RestResource) POST /uma-rs-check-access (org.gluu.oxd.RestResource) POST /uma-rs-protect (org.gluu.oxd.RestResource) POST /update-site (org.gluu.oxd.RestResource) INFO [10:35:27.199] [main] o.e.j.s.h.ContextHandler - Started i.d.j.MutableServletContextHandler@5acc9fdf{/,null,AVAILABLE} INFO [10:35:27.225] [main] i.d.s.AdminEnvironment - tasks = POST /tasks/log-level (io.dropwizard.servlets.tasks.LogConfigurationTask) POST /tasks/gc (io.dropwizard.servlets.tasks.GarbageCollectionTask) INFO [10:35:27.238] [main] o.e.j.s.h.ContextHandler - Started i.d.j.MutableServletContextHandler@2d23faef{/,null,AVAILABLE} INFO [10:35:27.445] [main] o.e.j.s.ServerConnector - Started application@6865c751{SSL-HTTP/1.1}{0.0.0.0:8443} INFO [10:35:27.508] [main] o.e.j.s.ServerConnector - Started admin@62679465{SSL-HTTP/1.1}{0.0.0.0:8444} INFO [10:35:27.508] [main] o.e.j.s.Server - Started @9667ms

By Mohit Mali staff 29 May 2019 at 3:10 a.m. CDT

Mohit Mali gravatar
Hi @Vinay, Thanks you for reaching out gluu support , I will help you on this ticket. Give me some time reproduce your scenario. Thanks and Regards Mohit Mali

By Mohit Mali staff 29 May 2019 at 5:36 a.m. CDT

Mohit Mali gravatar
hi @vinay, Please let me know version of oxd server you are using. Thanks and Regards Mohit Mali

By vinay tangella user 30 May 2019 at 4:42 p.m. CDT

vinay tangella gravatar
Hi Mohit, We are using Oxd_Server_Version 3.1.4 for both http and https. I have a small request do you guys handle the oxdpython libraries? If so these seems to be pretty old, it would be great if you can release latest oxdpython libraries to make this much easier. Thanks, Vinay

By Mohit Mali staff 01 Jun 2019 at 6:14 a.m. CDT

Mohit Mali gravatar
Hi , please try to install oxd python using https://github.com/GluuFederation/oxd-python/archive/master.zip , it must work with oxd 3.1.4. please update me about the result. thanks and regards Mohit Mali

By vinay tangella user 02 Jun 2019 at 9:55 a.m. CDT

vinay tangella gravatar
Thanks for the response Mohit. We tried with latest libraires, we had to do some modifications to make this work with python 3. We are now able to authorize an user but when we try to do get_tokens_by_code by passing code, state, oxd_id alog with a bearer token in header we see Internal Server Error. Please let me know if you need any additional information.

By Mohit Mali staff 03 Jun 2019 at 12:28 a.m. CDT

Mohit Mali gravatar
hi Vinay, Can you send me the oxd server log file , so i can debug it ?

By vinay tangella user 03 Jun 2019 at 12:47 a.m. CDT

vinay tangella gravatar
``` 2019-06-03 00:04:14,936 INFO [org.xdi.oxd.server.ServerLauncher] Starting... 2019-06-03 00:04:14,952 INFO [org.xdi.oxd.server.ServerLauncher] commit: 2ef42abb03038f1d5e85392c33067dd2ee86753b, branch: origin/version_3.1.4, build time:29.10.2018 @ 03:40:31 EDT 2019-06-03 00:04:15,037 DEBUG [org.xdi.oxd.server.ServerLauncher] BC registered: false 2019-06-03 00:04:15,188 DEBUG [org.xdi.oxd.server.ServerLauncher] Registered BC successfully. 2019-06-03 00:04:15,353 TRACE [org.xdi.oxd.server.service.ConfigurationService] Try to load configuration from system property: oxd.server.config, value: ../conf/oxd-conf.json 2019-06-03 00:04:15,583 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration loaded successfully from system property: oxd.server.config. 2019-06-03 00:04:15,584 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration: Configuration{port=8099, timeOutInSeconds=0, registerClientAppType='web', registerClientResponesType='code', localhostOnly=true, useClientAuthenticationForPat=true, trustAllCerts=true, keyStorePath='', keyStorePassword='', cryptProviderKeyStorePath='', cryptProviderKeyStorePassword='', cryptProviderDnName='', supportGoogleLogout=true, stateExpirationInMinutes=5, nonceExpirationInMinutes=5, publicOpKeyCacheExpirationInMinutes=60, protectCommandsWithAccessToken=false, uma2AuthRegisterClaimsGatheringEndpointAsRedirectUriOfClient=true, migrationSourceFolderPath='', storage='h2', storageConfiguration={"dbFileLocation":"c:\\opt\\oxd-server\\bin\\oxd_db"}} 2019-06-03 00:04:15,584 TRACE [org.xdi.oxd.server.service.ConfigurationService] Trying to read oxd-default-site-config.json, path: C:\MyWork\AzureAD\oxd-server\bin\..\conf\oxd-default-site-config.json 2019-06-03 00:04:15,937 INFO [org.xdi.oxd.server.service.ConfigurationService] Default RP configuration loaded successfully: Rp{oxdId='null', opHost='https://devtenant2provider-tzfnonprod.msappproxy.net', opDiscoveryPath='https://devtenant2provider-tzfnonprod.msappproxy.net/.well-known/openid-configuration', idToken='null', accessToken='null', authorizationRedirectUri='https://localhost:8000/accounts/callback', postLogoutRedirectUri='null', applicationType='null', redirectUris=[https://localhost:8000/accounts/callback], frontChannelLogoutUri=null, claimsRedirectUri=null, responseTypes=[id_token, code], clientId='null', clientRegistrationAccessToken='null', clientRegistrationClientUri='null', clientIdIssuedAt=null, clientSecretExpiresAt=null, clientName='null', sectorIdentifierUri='null', clientJwksUri='null', setupClient='null', setupOxdId='null', setupClientId='null', scope=[openid, tranzform, profile], uiLocales=[en], claimsLocales=[en], acrValues=[], grantType=null, contacts=[], userId='null', userSecret='null', pat='null', patExpiresIn=0, patCreatedAt=null, patRefreshToken='null', umaProtectedResources=[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt=null, rptCreatedAt=null, rptUpgraded=null, tokenEndpointAuthSigningAlg=null, tokenEndpointAuthMethod=null, oxdRpProgrammingLanguage=null} 2019-06-03 00:04:16,194 DEBUG [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Schema created successfully. 2019-06-03 00:04:16,267 INFO [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Loaded 43 RPs. 2019-06-03 00:04:16,268 DEBUG [org.xdi.oxd.server.service.MigrationService] Migration source folder is not specified. 2019-06-03 00:04:16,268 DEBUG [org.xdi.oxd.server.service.MigrationService] Skip migration because migration source folder is not specified or otherwise invalid. 2019-06-03 00:04:16,275 INFO [org.xdi.oxd.server.service.SocketService] Server socket is bound to port: 8099, with timeout: 0 seconds. Start listening for notifications. 2019-06-03 00:06:06,954 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:06:06,956 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:06:06,974 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:06:06,975 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}}', m_leftString=''} 2019-06-03 00:06:06,975 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}} 2019-06-03 00:06:07,053 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:06:10,368 TRACE [org.xdi.oxd.server.service.DiscoveryService] Discovery response: { "issuer": "https://devtenant2provider-tzfnonprod.msappproxy.net", "authorization_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize", "token_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/token", "userinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/clientinfo", "check_session_iframe": "https://devtenant2provider-tzfnonprod.msappproxy.net.gluu.org/oxauth/opiframe.htm", "end_session_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/end_session", "jwks_uri": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/jwks", "registration_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/register", "id_generation_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/id", "introspection_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/introspection", "response_types_supported": [ "code", "token id_token", "code id_token", "token", "code token", "id_token", "code token id_token" ], "grant_types_supported": [ "password", "refresh_token", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "implicit", "authorization_code" ], "acr_values_supported": [ "basic_lock", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "100": ["basic_lock"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "service_documentation": "http://gluu.org/docs", "id_token_token_binding_cnf_values_supported": ["tbh"], "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scopes_supported": [ "tranzform", "address", "phone", "mobile_phone", "clientinfo", "user_name", "openid", "profile", "uma_protection", "permission", "email" ], "claims_supported": [ "street_address", "country", "zoneinfo", "role", "birthdate", "gender", "formatted", "user_name", "phone_mobile_number", "preferred_username", "inum", "locale", "tzfproviderid", "tzfexternalid", "tzfroles", "tzfinsightid", "updated_at", "nickname", "email", "tzfenrollid", "website", "tzfinternaluserid", "email_verified", "tzftenantenrollmentid", "profile", "tzfinsightuserid", "locality", "phone_number_verified", "given_name", "middle_name", "tzfmemid", "picture", "tzfusername", "name", "tzfmemberid", "phone_number", "postal_code", "region", "tzfuserstatus", "family_name", "tzftenantuuid" ], "scope_to_claims_mapping": [ {"mobile_phone": ["phone_mobile_number"]}, {"tranzform": [ "tzftenantuuid", "tzfinternaluserid", "tzfmemid", "tzfenrollid", "tzfexternalid", "tzfroles", "tzfuserstatus", "tzfusername", "tzftenantenrollmentid", "tzfinsightuserid", "tzfmemberid", "tzfproviderid", "tzfinsightid" ]}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"permission": ["role"]}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"clientinfo": [ "name", "inum" ]}, {"user_name": ["user_name"]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"email": [ "email_verified", "email" ]}, {"uma_protection": []}, {"openid": []} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } 2019-06-03 00:06:10,426 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"ok","data":{"authorization_url":"https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize?response_type=code&client_id=@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!8196.D20E.87A3.E516&redirect_uri=https://localhost:8000/accounts/callback&scope=uma_protection+oxd&state=ke8neuumcp6jm4r9ona24ic4lj&nonce=3s4st2cm98sms46b4kvb35u10f"}} 2019-06-03 00:06:10,428 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:06:10,428 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:08:39,853 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:08:39,853 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:08:39,854 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:08:39,876 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:08:40,768 ERROR [org.xdi.oxd.server.op.GetTokensByCodeOperation] id_token is not returned. Please check whether 'openid' scope is present for 'get_authorization_url' command 2019-06-03 00:08:40,771 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='no_id_token', description='id_token is not returned. Please check whether 'openid' scope is present for 'get_authorization_url' command'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:66) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:08:40,777 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"no_id_token","details":null,"error_description":"id_token is not returned. Please check whether 'openid' scope is present for 'get_authorization_url' command"}} 2019-06-03 00:08:40,778 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:08:40,780 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:16:55,167 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:16:55,168 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:16:55,169 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:16:55,192 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:16:55,194 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:16:55,195 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:16:55,196 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:17:00,295 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:17:00,297 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:17:00,299 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:17:00,299 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:17:00,301 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:17:00,302 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:17:00,303 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:17:07,471 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:17:07,471 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:17:07,471 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"38ff0729-739f-4cfb-978e-0ac720ca79a0","state":"ke8neuumcp6jm4r9ona24ic4lj","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:17:07,472 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:17:07,473 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:17:07,475 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:17:07,476 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:17:22,347 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:17:22,347 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}}', m_leftString=''} 2019-06-03 00:17:22,347 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}} 2019-06-03 00:17:22,349 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"ok","data":{"authorization_url":"https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize?response_type=code&client_id=@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!8196.D20E.87A3.E516&redirect_uri=https://localhost:8000/accounts/callback&scope=uma_protection+oxd&state=umcfh8dcut009q3lf02pi7b88o&nonce=4bv0fl9inc9k2vjlpi9u2gbhnd"}} 2019-06-03 00:17:22,351 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:17:22,351 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:19:18,020 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:19:18,021 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:19:18,022 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:19:18,023 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:19:18,479 ERROR [org.xdi.oxd.server.op.GetTokensByCodeOperation] Failed to get tokens because response code is: null 2019-06-03 00:19:18,479 ERROR [org.xdi.oxd.server.Processor] No response from operation. Command: Command{command=GET_TOKENS_BY_CODE, params={"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:19:18,480 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:19:18,480 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:23:27,294 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:23:27,294 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:23:27,295 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0181, commandSize: 181 2019-06-03 00:23:27,295 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:23:27,295 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:23:27,301 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:23:27,323 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:23:27,819 ERROR [org.xdi.oxd.server.service.UmaTokenService] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid 2019-06-03 00:23:27,819 ERROR [org.xdi.oxd.server.service.UmaTokenService] Please check AS(oxauth) configuration and make sure UMA scope (uma_protection) is enabled. 2019-06-03 00:23:27,819 TRACE [org.xdi.oxd.server.service.IntrospectionService] Exception during access token introspection. java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:23:27,821 ERROR [org.xdi.oxd.server.Processor] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:23:27,823 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:23:27,824 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:24:55,319 INFO [org.xdi.oxd.server.ServerLauncher] Starting... 2019-06-03 00:24:55,326 INFO [org.xdi.oxd.server.ServerLauncher] commit: 2ef42abb03038f1d5e85392c33067dd2ee86753b, branch: origin/version_3.1.4, build time:29.10.2018 @ 03:40:31 EDT 2019-06-03 00:24:55,391 DEBUG [org.xdi.oxd.server.ServerLauncher] BC registered: false 2019-06-03 00:24:55,609 DEBUG [org.xdi.oxd.server.ServerLauncher] Registered BC successfully. 2019-06-03 00:24:55,773 TRACE [org.xdi.oxd.server.service.ConfigurationService] Try to load configuration from system property: oxd.server.config, value: ../conf/oxd-conf.json 2019-06-03 00:24:55,986 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration loaded successfully from system property: oxd.server.config. 2019-06-03 00:24:55,987 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration: Configuration{port=8099, timeOutInSeconds=0, registerClientAppType='web', registerClientResponesType='code', localhostOnly=true, useClientAuthenticationForPat=true, trustAllCerts=true, keyStorePath='', keyStorePassword='', cryptProviderKeyStorePath='', cryptProviderKeyStorePassword='', cryptProviderDnName='', supportGoogleLogout=true, stateExpirationInMinutes=5, nonceExpirationInMinutes=5, publicOpKeyCacheExpirationInMinutes=60, protectCommandsWithAccessToken=false, uma2AuthRegisterClaimsGatheringEndpointAsRedirectUriOfClient=true, migrationSourceFolderPath='', storage='h2', storageConfiguration={"dbFileLocation":"c:\\opt\\oxd-server\\bin\\oxd_db"}} 2019-06-03 00:24:55,988 TRACE [org.xdi.oxd.server.service.ConfigurationService] Trying to read oxd-default-site-config.json, path: C:\MyWork\AzureAD\oxd-server\bin\..\conf\oxd-default-site-config.json 2019-06-03 00:24:56,395 INFO [org.xdi.oxd.server.service.ConfigurationService] Default RP configuration loaded successfully: Rp{oxdId='null', opHost='https://devtenant2provider-tzfnonprod.msappproxy.net', opDiscoveryPath='https://devtenant2provider-tzfnonprod.msappproxy.net/.well-known/openid-configuration', idToken='null', accessToken='null', authorizationRedirectUri='https://localhost:8000/accounts/callback', postLogoutRedirectUri='null', applicationType='null', redirectUris=[https://localhost:8000/accounts/callback], frontChannelLogoutUri=null, claimsRedirectUri=null, responseTypes=[id_token, code], clientId='null', clientRegistrationAccessToken='null', clientRegistrationClientUri='null', clientIdIssuedAt=null, clientSecretExpiresAt=null, clientName='null', sectorIdentifierUri='null', clientJwksUri='null', setupClient='null', setupOxdId='null', setupClientId='null', scope=[openid, tranzform, profile, uma_protection], uiLocales=[en], claimsLocales=[en], acrValues=[], grantType=null, contacts=[], userId='null', userSecret='null', pat='null', patExpiresIn=0, patCreatedAt=null, patRefreshToken='null', umaProtectedResources=[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt=null, rptCreatedAt=null, rptUpgraded=null, tokenEndpointAuthSigningAlg=null, tokenEndpointAuthMethod=null, oxdRpProgrammingLanguage=null} 2019-06-03 00:24:56,605 DEBUG [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Schema created successfully. 2019-06-03 00:24:56,673 INFO [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Loaded 43 RPs. 2019-06-03 00:24:56,674 DEBUG [org.xdi.oxd.server.service.MigrationService] Migration source folder is not specified. 2019-06-03 00:24:56,674 DEBUG [org.xdi.oxd.server.service.MigrationService] Skip migration because migration source folder is not specified or otherwise invalid. 2019-06-03 00:24:56,680 INFO [org.xdi.oxd.server.service.SocketService] Server socket is bound to port: 8099, with timeout: 0 seconds. Start listening for notifications. 2019-06-03 00:25:07,002 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:25:07,004 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:25:07,048 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0181, commandSize: 181 2019-06-03 00:25:07,049 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:25:07,049 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:25:07,129 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:25:08,451 TRACE [org.xdi.oxd.server.service.DiscoveryService] Discovery response: { "issuer": "https://devtenant2provider-tzfnonprod.msappproxy.net", "authorization_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize", "token_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/token", "userinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/clientinfo", "check_session_iframe": "https://devtenant2provider-tzfnonprod.msappproxy.net.gluu.org/oxauth/opiframe.htm", "end_session_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/end_session", "jwks_uri": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/jwks", "registration_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/register", "id_generation_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/id", "introspection_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/introspection", "response_types_supported": [ "code", "token id_token", "code id_token", "token", "code token", "id_token", "code token id_token" ], "grant_types_supported": [ "password", "refresh_token", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "implicit", "authorization_code" ], "acr_values_supported": [ "basic_lock", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "100": ["basic_lock"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "service_documentation": "http://gluu.org/docs", "id_token_token_binding_cnf_values_supported": ["tbh"], "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scopes_supported": [ "tranzform", "address", "phone", "mobile_phone", "clientinfo", "user_name", "openid", "profile", "uma_protection", "permission", "email" ], "claims_supported": [ "street_address", "country", "zoneinfo", "role", "birthdate", "gender", "formatted", "user_name", "phone_mobile_number", "preferred_username", "inum", "locale", "tzfproviderid", "tzfexternalid", "tzfroles", "tzfinsightid", "updated_at", "nickname", "email", "tzfenrollid", "website", "tzfinternaluserid", "email_verified", "tzftenantenrollmentid", "profile", "tzfinsightuserid", "locality", "phone_number_verified", "given_name", "middle_name", "tzfmemid", "picture", "tzfusername", "name", "tzfmemberid", "phone_number", "postal_code", "region", "tzfuserstatus", "family_name", "tzftenantuuid" ], "scope_to_claims_mapping": [ {"mobile_phone": ["phone_mobile_number"]}, {"tranzform": [ "tzftenantuuid", "tzfinternaluserid", "tzfmemid", "tzfenrollid", "tzfexternalid", "tzfroles", "tzfuserstatus", "tzfusername", "tzftenantenrollmentid", "tzfinsightuserid", "tzfmemberid", "tzfproviderid", "tzfinsightid" ]}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"permission": ["role"]}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"clientinfo": [ "name", "inum" ]}, {"user_name": ["user_name"]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"email": [ "email_verified", "email" ]}, {"uma_protection": []}, {"openid": []} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } 2019-06-03 00:25:08,503 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:25:08,525 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:25:12,192 ERROR [org.xdi.oxd.server.service.UmaTokenService] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid 2019-06-03 00:25:12,192 ERROR [org.xdi.oxd.server.service.UmaTokenService] Please check AS(oxauth) configuration and make sure UMA scope (uma_protection) is enabled. 2019-06-03 00:25:12,193 TRACE [org.xdi.oxd.server.service.IntrospectionService] Exception during access token introspection. java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:25:12,198 ERROR [org.xdi.oxd.server.Processor] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:25:12,233 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:25:12,236 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:25:22,403 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:25:22,403 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:25:22,404 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0181, commandSize: 181 2019-06-03 00:25:22,405 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:25:22,406 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:25:22,407 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:25:22,411 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:25:22,933 ERROR [org.xdi.oxd.server.service.UmaTokenService] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid 2019-06-03 00:25:22,933 ERROR [org.xdi.oxd.server.service.UmaTokenService] Please check AS(oxauth) configuration and make sure UMA scope (uma_protection) is enabled. 2019-06-03 00:25:22,934 TRACE [org.xdi.oxd.server.service.IntrospectionService] Exception during access token introspection. java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:25:22,935 ERROR [org.xdi.oxd.server.Processor] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:25:22,937 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:25:22,938 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:29:09,819 INFO [org.xdi.oxd.server.ServerLauncher] Starting... 2019-06-03 00:29:09,827 INFO [org.xdi.oxd.server.ServerLauncher] commit: 2ef42abb03038f1d5e85392c33067dd2ee86753b, branch: origin/version_3.1.4, build time:29.10.2018 @ 03:40:31 EDT 2019-06-03 00:29:09,903 DEBUG [org.xdi.oxd.server.ServerLauncher] BC registered: false 2019-06-03 00:29:10,174 DEBUG [org.xdi.oxd.server.ServerLauncher] Registered BC successfully. 2019-06-03 00:29:10,420 TRACE [org.xdi.oxd.server.service.ConfigurationService] Try to load configuration from system property: oxd.server.config, value: ../conf/oxd-conf.json 2019-06-03 00:29:10,742 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration loaded successfully from system property: oxd.server.config. 2019-06-03 00:29:10,742 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration: Configuration{port=8099, timeOutInSeconds=0, registerClientAppType='web', registerClientResponesType='code', localhostOnly=true, useClientAuthenticationForPat=true, trustAllCerts=true, keyStorePath='', keyStorePassword='', cryptProviderKeyStorePath='', cryptProviderKeyStorePassword='', cryptProviderDnName='', supportGoogleLogout=true, stateExpirationInMinutes=5, nonceExpirationInMinutes=5, publicOpKeyCacheExpirationInMinutes=60, protectCommandsWithAccessToken=false, uma2AuthRegisterClaimsGatheringEndpointAsRedirectUriOfClient=true, migrationSourceFolderPath='', storage='h2', storageConfiguration={"dbFileLocation":"c:\\opt\\oxd-server\\bin\\oxd_db"}} 2019-06-03 00:29:10,743 TRACE [org.xdi.oxd.server.service.ConfigurationService] Trying to read oxd-default-site-config.json, path: C:\MyWork\AzureAD\oxd-server\bin\..\conf\oxd-default-site-config.json 2019-06-03 00:29:11,199 INFO [org.xdi.oxd.server.service.ConfigurationService] Default RP configuration loaded successfully: Rp{oxdId='null', opHost='https://devtenant2provider-tzfnonprod.msappproxy.net', opDiscoveryPath='https://devtenant2provider-tzfnonprod.msappproxy.net/.well-known/openid-configuration', idToken='null', accessToken='null', authorizationRedirectUri='https://localhost:8000/accounts/callback', postLogoutRedirectUri='null', applicationType='null', redirectUris=[https://localhost:8000/accounts/callback], frontChannelLogoutUri=null, claimsRedirectUri=null, responseTypes=[id_token, code], clientId='null', clientRegistrationAccessToken='null', clientRegistrationClientUri='null', clientIdIssuedAt=null, clientSecretExpiresAt=null, clientName='null', sectorIdentifierUri='null', clientJwksUri='null', setupClient='null', setupOxdId='null', setupClientId='null', scope=[openid, tranzform, profile, uma_protection], uiLocales=[en], claimsLocales=[en], acrValues=[], grantType=null, contacts=[], userId='null', userSecret='null', pat='null', patExpiresIn=0, patCreatedAt=null, patRefreshToken='null', umaProtectedResources=[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt=null, rptCreatedAt=null, rptUpgraded=null, tokenEndpointAuthSigningAlg=null, tokenEndpointAuthMethod=null, oxdRpProgrammingLanguage=null} 2019-06-03 00:29:11,437 DEBUG [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Schema created successfully. 2019-06-03 00:29:11,533 INFO [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Loaded 43 RPs. 2019-06-03 00:29:11,534 DEBUG [org.xdi.oxd.server.service.MigrationService] Migration source folder is not specified. 2019-06-03 00:29:11,536 DEBUG [org.xdi.oxd.server.service.MigrationService] Skip migration because migration source folder is not specified or otherwise invalid. 2019-06-03 00:29:11,543 INFO [org.xdi.oxd.server.service.SocketService] Server socket is bound to port: 8099, with timeout: 0 seconds. Start listening for notifications. 2019-06-03 00:29:28,880 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:29:28,880 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:29:28,919 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0181, commandSize: 181 2019-06-03 00:29:28,920 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:29:28,920 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:29:29,017 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:29:30,366 TRACE [org.xdi.oxd.server.service.DiscoveryService] Discovery response: { "issuer": "https://devtenant2provider-tzfnonprod.msappproxy.net", "authorization_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize", "token_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/token", "userinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/clientinfo", "check_session_iframe": "https://devtenant2provider-tzfnonprod.msappproxy.net.gluu.org/oxauth/opiframe.htm", "end_session_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/end_session", "jwks_uri": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/jwks", "registration_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/register", "id_generation_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/id", "introspection_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/introspection", "response_types_supported": [ "code", "token id_token", "code id_token", "token", "code token", "id_token", "code token id_token" ], "grant_types_supported": [ "password", "refresh_token", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "implicit", "authorization_code" ], "acr_values_supported": [ "basic_lock", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "100": ["basic_lock"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "service_documentation": "http://gluu.org/docs", "id_token_token_binding_cnf_values_supported": ["tbh"], "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scopes_supported": [ "tranzform", "address", "phone", "mobile_phone", "clientinfo", "user_name", "openid", "profile", "uma_protection", "permission", "email" ], "claims_supported": [ "street_address", "country", "zoneinfo", "role", "birthdate", "gender", "formatted", "user_name", "phone_mobile_number", "preferred_username", "inum", "locale", "tzfproviderid", "tzfexternalid", "tzfroles", "tzfinsightid", "updated_at", "nickname", "email", "tzfenrollid", "website", "tzfinternaluserid", "email_verified", "tzftenantenrollmentid", "profile", "tzfinsightuserid", "locality", "phone_number_verified", "given_name", "middle_name", "tzfmemid", "picture", "tzfusername", "name", "tzfmemberid", "phone_number", "postal_code", "region", "tzfuserstatus", "family_name", "tzftenantuuid" ], "scope_to_claims_mapping": [ {"mobile_phone": ["phone_mobile_number"]}, {"tranzform": [ "tzftenantuuid", "tzfinternaluserid", "tzfmemid", "tzfenrollid", "tzfexternalid", "tzfroles", "tzfuserstatus", "tzfusername", "tzftenantenrollmentid", "tzfinsightuserid", "tzfmemberid", "tzfproviderid", "tzfinsightid" ]}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"permission": ["role"]}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"clientinfo": [ "name", "inum" ]}, {"user_name": ["user_name"]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"email": [ "email_verified", "email" ]}, {"uma_protection": []}, {"openid": []} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } 2019-06-03 00:29:30,418 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:29:30,448 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:29:30,915 ERROR [org.xdi.oxd.server.service.UmaTokenService] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid 2019-06-03 00:29:30,916 ERROR [org.xdi.oxd.server.service.UmaTokenService] Please check AS(oxauth) configuration and make sure UMA scope (uma_protection) is enabled. 2019-06-03 00:29:30,917 TRACE [org.xdi.oxd.server.service.IntrospectionService] Exception during access token introspection. java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:29:30,920 ERROR [org.xdi.oxd.server.Processor] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:29:30,958 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:29:30,959 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:30:44,532 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:30:44,532 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:30:44,532 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:30:44,533 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:30:44,534 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:30:44,541 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:30:44,544 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:30:44,545 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:30:44,549 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:31:09,217 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:31:09,218 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:31:09,219 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:31:09,219 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:31:09,225 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:31:09,229 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:31:09,231 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:31:14,032 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:31:14,032 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:31:14,032 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:31:14,034 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:31:14,035 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:31:14,036 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:31:14,036 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:31:16,911 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:31:16,912 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:31:16,913 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"3e318351-58b1-40b7-a3c9-7a23b4516629","state":"umcfh8dcut009q3lf02pi7b88o","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:31:16,914 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:31:16,916 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:31:16,922 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:31:16,923 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:34:24,780 INFO [org.xdi.oxd.server.ServerLauncher] Starting... 2019-06-03 00:34:24,791 INFO [org.xdi.oxd.server.ServerLauncher] commit: 2ef42abb03038f1d5e85392c33067dd2ee86753b, branch: origin/version_3.1.4, build time:29.10.2018 @ 03:40:31 EDT 2019-06-03 00:34:24,886 DEBUG [org.xdi.oxd.server.ServerLauncher] BC registered: false 2019-06-03 00:34:25,104 DEBUG [org.xdi.oxd.server.ServerLauncher] Registered BC successfully. 2019-06-03 00:34:25,300 TRACE [org.xdi.oxd.server.service.ConfigurationService] Try to load configuration from system property: oxd.server.config, value: ../conf/oxd-conf.json 2019-06-03 00:34:25,543 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration loaded successfully from system property: oxd.server.config. 2019-06-03 00:34:25,544 TRACE [org.xdi.oxd.server.service.ConfigurationService] Configuration: Configuration{port=8099, timeOutInSeconds=0, registerClientAppType='web', registerClientResponesType='code', localhostOnly=true, useClientAuthenticationForPat=true, trustAllCerts=true, keyStorePath='', keyStorePassword='', cryptProviderKeyStorePath='', cryptProviderKeyStorePassword='', cryptProviderDnName='', supportGoogleLogout=true, stateExpirationInMinutes=5, nonceExpirationInMinutes=5, publicOpKeyCacheExpirationInMinutes=60, protectCommandsWithAccessToken=false, uma2AuthRegisterClaimsGatheringEndpointAsRedirectUriOfClient=true, migrationSourceFolderPath='', storage='h2', storageConfiguration={"dbFileLocation":"c:\\opt\\oxd-server\\bin\\oxd_db"}} 2019-06-03 00:34:25,545 TRACE [org.xdi.oxd.server.service.ConfigurationService] Trying to read oxd-default-site-config.json, path: C:\MyWork\AzureAD\oxd-server\bin\..\conf\oxd-default-site-config.json 2019-06-03 00:34:25,939 INFO [org.xdi.oxd.server.service.ConfigurationService] Default RP configuration loaded successfully: Rp{oxdId='null', opHost='https://devtenant2provider-tzfnonprod.msappproxy.net', opDiscoveryPath='https://devtenant2provider-tzfnonprod.msappproxy.net/.well-known/openid-configuration', idToken='null', accessToken='null', authorizationRedirectUri='https://localhost:8000/accounts/callback', postLogoutRedirectUri='null', applicationType='null', redirectUris=[https://localhost:8000/accounts/callback], frontChannelLogoutUri=null, claimsRedirectUri=null, responseTypes=[id_token, code], clientId='null', clientRegistrationAccessToken='null', clientRegistrationClientUri='null', clientIdIssuedAt=null, clientSecretExpiresAt=null, clientName='null', sectorIdentifierUri='null', clientJwksUri='null', setupClient='null', setupOxdId='null', setupClientId='null', scope=[openid, tranzform, profile, uma_protection], uiLocales=[en], claimsLocales=[en], acrValues=[], grantType=null, contacts=[], userId='null', userSecret='null', pat='null', patExpiresIn=0, patCreatedAt=null, patRefreshToken='null', umaProtectedResources=[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt=null, rptCreatedAt=null, rptUpgraded=null, tokenEndpointAuthSigningAlg=null, tokenEndpointAuthMethod=null, oxdRpProgrammingLanguage=null} 2019-06-03 00:34:26,141 DEBUG [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Schema created successfully. 2019-06-03 00:34:26,221 INFO [org.xdi.oxd.server.persistence.SqlPersistenceServiceImpl] Loaded 43 RPs. 2019-06-03 00:34:26,222 DEBUG [org.xdi.oxd.server.service.MigrationService] Migration source folder is not specified. 2019-06-03 00:34:26,222 DEBUG [org.xdi.oxd.server.service.MigrationService] Skip migration because migration source folder is not specified or otherwise invalid. 2019-06-03 00:34:26,228 INFO [org.xdi.oxd.server.service.SocketService] Server socket is bound to port: 8099, with timeout: 0 seconds. Start listening for notifications. 2019-06-03 00:34:37,374 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:34:37,374 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:34:37,396 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:34:37,397 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}}', m_leftString=''} 2019-06-03 00:34:37,398 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}} 2019-06-03 00:34:37,460 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:34:38,894 TRACE [org.xdi.oxd.server.service.DiscoveryService] Discovery response: { "issuer": "https://devtenant2provider-tzfnonprod.msappproxy.net", "authorization_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize", "token_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/token", "userinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/clientinfo", "check_session_iframe": "https://devtenant2provider-tzfnonprod.msappproxy.net.gluu.org/oxauth/opiframe.htm", "end_session_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/end_session", "jwks_uri": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/jwks", "registration_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/register", "id_generation_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/id", "introspection_endpoint": "https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/introspection", "response_types_supported": [ "code", "token id_token", "code id_token", "token", "code token", "id_token", "code token id_token" ], "grant_types_supported": [ "password", "refresh_token", "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "implicit", "authorization_code" ], "acr_values_supported": [ "basic_lock", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "100": ["basic_lock"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "service_documentation": "http://gluu.org/docs", "id_token_token_binding_cnf_values_supported": ["tbh"], "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scopes_supported": [ "tranzform", "address", "phone", "mobile_phone", "clientinfo", "user_name", "openid", "profile", "uma_protection", "permission", "email" ], "claims_supported": [ "street_address", "country", "zoneinfo", "role", "birthdate", "gender", "formatted", "user_name", "phone_mobile_number", "preferred_username", "inum", "locale", "tzfproviderid", "tzfexternalid", "tzfroles", "tzfinsightid", "updated_at", "nickname", "email", "tzfenrollid", "website", "tzfinternaluserid", "email_verified", "tzftenantenrollmentid", "profile", "tzfinsightuserid", "locality", "phone_number_verified", "given_name", "middle_name", "tzfmemid", "picture", "tzfusername", "name", "tzfmemberid", "phone_number", "postal_code", "region", "tzfuserstatus", "family_name", "tzftenantuuid" ], "scope_to_claims_mapping": [ {"mobile_phone": ["phone_mobile_number"]}, {"tranzform": [ "tzftenantuuid", "tzfinternaluserid", "tzfmemid", "tzfenrollid", "tzfexternalid", "tzfroles", "tzfuserstatus", "tzfusername", "tzftenantenrollmentid", "tzfinsightuserid", "tzfmemberid", "tzfproviderid", "tzfinsightid" ]}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"permission": ["role"]}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"clientinfo": [ "name", "inum" ]}, {"user_name": ["user_name"]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"email": [ "email_verified", "email" ]}, {"uma_protection": []}, {"openid": []} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } 2019-06-03 00:34:39,004 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"ok","data":{"authorization_url":"https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize?response_type=code&client_id=@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!8196.D20E.87A3.E516&redirect_uri=https://localhost:8000/accounts/callback&scope=uma_protection+oxd&state=t9t3a0g5ivl0habjrcjmif6h8t&nonce=h0fp5igqfvsc1hirn590l2kel8"}} 2019-06-03 00:34:39,006 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:34:39,008 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:35:42,983 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0181, commandSize: 181 2019-06-03 00:35:42,983 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:35:42,984 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"introspect_access_token","params":{"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","access_token":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:35:42,989 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:35:43,031 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:35:43,534 ERROR [org.xdi.oxd.server.service.UmaTokenService] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid 2019-06-03 00:35:43,534 ERROR [org.xdi.oxd.server.service.UmaTokenService] Please check AS(oxauth) configuration and make sure UMA scope (uma_protection) is enabled. 2019-06-03 00:35:43,535 TRACE [org.xdi.oxd.server.service.IntrospectionService] Exception during access token introspection. java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:35:43,542 ERROR [org.xdi.oxd.server.Processor] oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid java.lang.RuntimeException: oxd requested scope PROTECTION but AS returned access_token without that scope, token scopes :openid at org.xdi.oxd.server.service.UmaTokenService.obtainTokenWithClientCredentials(UmaTokenService.java:193) at org.xdi.oxd.server.service.UmaTokenService.obtainToken(UmaTokenService.java:166) at org.xdi.oxd.server.service.UmaTokenService.obtainPat(UmaTokenService.java:148) at org.xdi.oxd.server.service.UmaTokenService.getPat(UmaTokenService.java:143) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:44) at org.xdi.oxd.server.service.IntrospectionService.introspectToken(IntrospectionService.java:36) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:35) at org.xdi.oxd.server.op.IntrospectAccessTokenOperation.execute(IntrospectAccessTokenOperation.java:16) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:35:43,546 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:35:43,549 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:36:44,521 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:36:44,522 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:36:44,522 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:36:44,523 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"6fc9d02d-d254-43ad-a662-46f021c59a05","state":"t9t3a0g5ivl0habjrcjmif6h8t","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:36:44,523 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"6fc9d02d-d254-43ad-a662-46f021c59a05","state":"t9t3a0g5ivl0habjrcjmif6h8t","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:36:44,528 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:36:45,282 ERROR [org.xdi.oxd.server.op.GetTokensByCodeOperation] Failed to get tokens because response code is: null 2019-06-03 00:36:45,282 ERROR [org.xdi.oxd.server.Processor] No response from operation. Command: Command{command=GET_TOKENS_BY_CODE, params={"code":"6fc9d02d-d254-43ad-a662-46f021c59a05","state":"t9t3a0g5ivl0habjrcjmif6h8t","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:36:45,283 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:36:45,284 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:37:24,290 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:37:24,291 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:37:24,291 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:37:24,292 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}}', m_leftString=''} 2019-06-03 00:37:24,292 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_authorization_url","params":{"prompt":null,"scope":null,"oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","acr_values":null,"hd":null,"protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0","custom_parameters":null}} 2019-06-03 00:37:24,295 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"ok","data":{"authorization_url":"https://devtenant2provider-tzfnonprod.msappproxy.net/oxauth/restv1/authorize?response_type=code&client_id=@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!8196.D20E.87A3.E516&redirect_uri=https://localhost:8000/accounts/callback&scope=uma_protection+oxd&state=1dcsejntrt3qdibog8nu221eni&nonce=1ecsaoguqo30u5i71436e5firl"}} 2019-06-03 00:37:24,296 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:37:24,296 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:39:19,840 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:39:19,842 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"29ac9eea-a218-47d0-88fb-921b5fef1ee5","state":"1dcsejntrt3qdibog8nu221eni","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:39:19,842 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"29ac9eea-a218-47d0-88fb-921b5fef1ee5","state":"1dcsejntrt3qdibog8nu221eni","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:39:19,844 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:39:20,309 ERROR [org.xdi.oxd.server.op.GetTokensByCodeOperation] Failed to get tokens because response code is: null 2019-06-03 00:39:20,310 ERROR [org.xdi.oxd.server.Processor] No response from operation. Command: Command{command=GET_TOKENS_BY_CODE, params={"code":"29ac9eea-a218-47d0-88fb-921b5fef1ee5","state":"1dcsejntrt3qdibog8nu221eni","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:39:20,310 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"internal_error","details":null,"error_description":"Unknown internal server error occurs."}} 2019-06-03 00:39:20,311 ERROR [org.xdi.oxd.server.SocketProcessor] Quit. Enable to process command. 2019-06-03 00:42:28,625 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:42:28,625 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2019-06-03 00:42:28,625 TRACE [org.xdi.oxd.common.CoreUtils] Parsed sizeString: 0239, commandSize: 239 2019-06-03 00:42:28,626 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_tokens_by_code","params":{"code":"29ac9eea-a218-47d0-88fb-921b5fef1ee5","state":"1dcsejntrt3qdibog8nu221eni","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}}', m_leftString=''} 2019-06-03 00:42:28,626 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_tokens_by_code","params":{"code":"29ac9eea-a218-47d0-88fb-921b5fef1ee5","state":"1dcsejntrt3qdibog8nu221eni","oxd_id":"6ff8defc-2d39-4606-bc4c-3079789e9d71","protection_access_token":"d405a2f2-985e-4145-835b-3a657e3169e0"}} 2019-06-03 00:42:28,640 ERROR [org.xdi.oxd.server.Processor] ErrorResponseException{errorResponseCode=ErrorResponseCode{value='bad_request', description=''state' is not registered.'}} at org.xdi.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:112) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:43) at org.xdi.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:28) at org.xdi.oxd.server.Processor.process(Processor.java:74) at org.xdi.oxd.server.Processor.process(Processor.java:49) at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) 2019-06-03 00:42:28,642 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."}} 2019-06-03 00:42:28,643 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2019-06-03 00:42:28,643 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: ```

By Mohit Mali staff 03 Jun 2019 at 2:56 a.m. CDT

Mohit Mali gravatar
hi @vinay, Its look like state is wrong in the request parameter call that why its return "{"status":"error","data":{"error":"bad_request","details":null,"error_description":"'state' is not registered."". May i know how you obtain the state in the request parameter ? Thanks and Regards Mohit Mali

By William Lowe staff 03 Jun 2019 at 4:40 a.m. CDT

William Lowe gravatar
BTW, Vinay, this portal supports Markdown formatting. You can see how I edited your post to make it more readable. Thanks, Will

By vinay tangella user 03 Jun 2019 at 11:32 a.m. CDT

vinay tangella gravatar
@Will Sure will keep that in mind from now on. @Mohit we resolved that but we are running in to an issue while trying to do get_tokens_by_code below is the log. 2019-06-03 00:39:19,842 TRACE [org.xdi.oxd.server.Processor] Command: {“command”:“get_tokens_by_code”,“params”:{“code”:“29ac9eea-a218-47d0-88fb-921b5fef1ee5”,“state”:“1dcsejntrt3qdibog8nu221eni”,“oxd_id”:“6ff8defc-2d39-4606-bc4c-3079789e9d71”,“protection_access_token”:“d405a2f2-985e-4145-835b-3a657e3169e0”}} 2019-06-03 00:39:19,844 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2019-06-03 00:39:20,309 ERROR [org.xdi.oxd.server.op.GetTokensByCodeOperation] Failed to get tokens because response code is: null 2019-06-03 00:39:20,310 ERROR [org.xdi.oxd.server.Processor] No response from operation. Command: Command{command=GET_TOKENS_BY_CODE, params={“code”:“29ac9eea-a218-47d0-88fb-921b5fef1ee5”,“state”:“1dcsejntrt3qdibog8nu221eni”,“oxd_id”:“6ff8defc-2d39-4606-bc4c-3079789e9d71”,“protection_access_token”:“d405a2f2-985e-4145-835b-3a657e3169e0”}} 2019-06-03 00:39:20,310 TRACE [org.xdi.oxd.server.Processor] Send back response: {“status”:“error”,“data”:{“error”:“internal_error”,“details”:null,“error_description”:“Unknown internal server error occurs.”}}

By vinay tangella user 03 Jun 2019 at 10:40 p.m. CDT

vinay tangella gravatar
We followed the following steps to acheive this setupclient, get_clinet_token, get_auth_url and After login we tried get_tokens_by_code - in this step we are seeing the above error

By Mohit Mali staff 04 Jun 2019 at 1:11 a.m. CDT

Mohit Mali gravatar
hi @vinay, Ok let me setup the same envrionment to assit you. Thanks and Regards Mohit Mali

By Senthilkumar Dhanapal Account Admin 05 Jun 2019 at 10:23 a.m. CDT

Senthilkumar Dhanapal gravatar
here is the oxauth.log ``` 2019-06-04 22:41:40,003 DEBUG [qtp1971489295-18] [org.xdi.oxauth.auth.AuthenticationFilter] (AuthenticationFilter.java:111) - Starting Basic Auth token endpoint authentication 2019-06-04 22:41:40,008 DEBUG [qtp1971489295-18] [org.xdi.oxauth.service.ClientService] (ClientService.java:141) - Found 1 entries for client id = @!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2 2019-06-04 22:41:40,008 DEBUG [qtp1971489295-18] [org.xdi.oxauth.service.ClientService] (ClientService.java:101) - Authenticating Client with LDAP: clientId = @!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2 2019-06-04 22:41:40,009 DEBUG [qtp1971489295-18] [org.xdi.oxauth.service.ClientService] (ClientService.java:141) - Found 1 entries for client id = @!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2 2019-06-04 22:41:40,009 DEBUG [qtp1971489295-18] [org.xdi.oxauth.service.AuthenticationService] (AuthenticationService.java:515) - ConfigureSessionClient: username: '@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2', credentials: '1128365206' 2019-06-04 22:41:40,009 DEBUG [qtp1971489295-18] [org.xdi.oxauth.service.ClientService] (ClientService.java:141) - Found 1 entries for client id = @!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2 2019-06-04 22:41:40,017 INFO [qtp1971489295-18] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:262) - Authentication success for Client: '@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2' 2019-06-04 22:41:40,018 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:107) - Attempting to request access token: grantType = authorization_code, code = 5e73e73c-188f-4d8d-bf85-8233b06c74f1, redirectUri = https://localhost:8000/accounts/callback, username = null, refreshToken = null, clientId = null, ExtraParams = {grant_type=[authorization_code], code=[5e73e73c-188f-4d8d-bf85-8233b06c74f1], redirect_uri=[https://localhost:8000/accounts/callback]}, isSecure = true, codeVerifier = null, ticket = null 2019-06-04 22:41:40,019 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:129) - Starting to validate request parameters 2019-06-04 22:41:40,019 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:137) - Grant type: 'authorization_code' 2019-06-04 22:41:40,019 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:143) - Get sessionClient: 'org.xdi.oxauth.model.session.SessionClient@15c426b' 2019-06-04 22:41:40,019 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:147) - Get client from session: '@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2' 2019-06-04 22:41:40,020 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:163) - Attempting to find authorizationCodeGrant by clinetId: '@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2', code: '5e73e73c-188f-4d8d-bf85-8233b06c74f1' 2019-06-04 22:41:40,020 DEBUG [qtp1971489295-18] [xdi.oxauth.token.ws.rs.TokenRestWebServiceImpl] (TokenRestWebServiceImpl.java:217) - AuthorizationCodeGrant is empty by clinetId: '@!8F37.A840.F114.D6FE!0001!C742.2A1B!0008!9ADB.B19A.C16E.48C2', code: '5e73e73c-188f-4d8d-bf85-8233b06c74f1' 2019-06-04 22:41:40,021 DEBUG [qtp1971489295-18] **[org.xdi.oxauth.model.error.ErrorResponseFactory] (ErrorResponseFactory.java:70) - Looking for the error with id: invalid_grant** 2019-06-04 22:41:40,021 DEBUG [qtp1971489295-18] [org.xdi.oxauth.model.error.ErrorResponseFactory] (ErrorResponseFactory.java:75) - Found error, id: invalid_grant 2019-06-04 22:41:41,443 DEBUG [oxAuthScheduler_Worker-5] [org.xdi.service.timer.RequestJobListener] (RequestJobListener.java:52) - Bound request started 2019-06-04 22:41:41,443 DEBUG [oxAuthScheduler_Worker-5] [org.xdi.service.timer.TimerJob] (TimerJob.java:34) - Fire timer event [org.xdi.service.cdi.event.LoggerUpdateEvent] with qualifiers [@org.xdi.service.cdi.event.Scheduled()] ```

By vinay tangella user 06 Jun 2019 at 9:05 a.m. CDT

vinay tangella gravatar
Hi Mohit, We resolved above issues and are now running into an issue while trying to call get_logout_uri api. We see the below error message even after passing all the optional parameters along with oxd_id. {"error":"invalid_grant_and_session","error_description":"The provided access token and session state are invalid or were issued to another client.","reason":"Failed to identify session by session_id query parameter or by session_id cookie."}

By Mohit Mali staff 07 Jun 2019 at 1:54 a.m. CDT

Mohit Mali gravatar
hi vinay, this issue prompt when we are providing wrong sesstion state param which is invalid or expired one. Thanks and Regards Mohit Mali

By Mustafa Baser staff 07 Jun 2019 at 3:50 a.m. CDT

Mustafa Baser gravatar
Hi, According to your logs, you are having issue with oxd client. Please check your client, as follows: Scopes: oxd, permission, uma_protection, openid Response Types: code Grant Types: client_credentials, refresh_token, authorization_code Actually it is better to allow oxd register it's client. You can automatically register a client by calling `register_site()` Regards.

By Mustafa Baser staff 07 Jun 2019 at 3:53 a.m. CDT

Mustafa Baser gravatar
And don't forget to add **Post Logout Redirect URIs** See attached screenshot for a sample client.

By William Lowe staff 17 Jun 2019 at 6:10 a.m. CDT

William Lowe gravatar
Vinay, What is the latest? Thanks, Will

By Mohib Zico staff 26 Jun 2019 at 9:26 a.m. CDT

Mohib Zico gravatar
Hi Vinay, Please reopen this ticket when you are ready to troubleshoot. Closing for now.